Antivirus software removes my backup .sql database file because wp_wfhits table.
-
Hello, my antivirus software on my computer started to get triggered by the .sql file i regularly download as a WordPress backup. After further checking, i found that the triggering part was a script snippet placed into the wp_wfhits table by Wordfence plugin (i believe) about some bad guy’s website.
Here i opened a question on this with more details, if in need: https://webmasters.stackexchange.com/questions/125894/wordpress-database-backup-sql-file-got-a-trojan-category-malware-treat-says/125930?noredirect=1#comment171350_125930
I also send a feedback to Wordfence team, before i found this free forum. Here is the reply for your reference:
The wfhits table stores all visits that are displayed on the Live Traffic tool page in our plugin.
The domain balantfromsun [.] com is a known bad domain, which you can see here:
https://www.virustotal.com/gui/url/003d9a8db5dddc08b6f365b2a9e9144341000caa0011d5f3cfc592401de16c0d/detectionThe rows in the table show that a cross-scripting attack involving this domain name was carried out on the site from which this database belongs to. The attack was blocked by Wordfence.
It’s -obviously- all good and I’m happy that Wordfence managed to catch this specific XSS attack!
My further question on this: is it possible to further improve the storage part of the malicious scripts/codes to as not to trigger antivirus software?
Or what is the required procedure in these cases? It may cause (even) bigger headaches to users who aren’t able to research the exact triggering part themselves?Thank you!
Viktor Boritas
- The topic ‘Antivirus software removes my backup .sql database file because wp_wfhits table.’ is closed to new replies.